public User Authenticate(string username, string password)
{
var user = _db.Users.SingleOrDefault(x => x.UserName == username);
if (user == null)
{
return(null);
}
bool passMatch = PasswordHashTool.VerifyHashedPassword(password, user.Password);
if (passMatch == false)
{
Console.WriteLine("Wrong Password: " + password);
return(null);
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] {
new Claim(ClaimTypes.Name, user.UserId.ToString())
}),
Expires = DateTime.UtcNow.AddDays(3),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token);
return(user);
}
public bool CreateUser(User user)
{
if (user != null)
{
user.Password = PasswordHashTool.HashPassword(user.Password);
}
_db.Users.Add(user);
return(Save());
}
public bool PasswordValidation(LoginUserDTO credentials)
{
string name = credentials.UserName;
string password = credentials.Password;
User user = GetUserByUserName(name);
if (user != null)
{
if (user.UserName == name && PasswordHashTool.VerifyHashedPassword(password, user.Password))
{
return(true);
}
}
return(false);
}
